Skip to content

Commit abd53e9

Browse files
maikypediamaikypedia
committed
Fix minor issues
1 parent 413c111 commit abd53e9

File tree

2 files changed

+10
-7
lines changed

2 files changed

+10
-7
lines changed

javascript/ql/lib/semmle/javascript/frameworks/Cors.qll

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,9 @@ import javascript
66

77
/** Provides classes modeling [cors package](https://npmjs.com/package/cors) */
88
module Cors {
9+
/**
10+
* An expression that creates a new CORS configuration.
11+
*/
912
class Cors extends DataFlow::CallNode {
1013
/** Get an instanceof of `cors` */
1114
Cors() { this = DataFlow::moduleImport("cors").getAnInvocation() }
@@ -16,7 +19,7 @@ module Cors {
1619
/** Holds if cors is using default configuration */
1720
predicate isDefault() { this.getNumArgument() = 0 }
1821

19-
/** The value of origin */
22+
/** Gets the value of origin */
2023
DataFlow::Node getOrigin() {
2124
result = this.getCorsArgument().getALocalSource().getAPropertyWrite("origin").getRhs()
2225
}

javascript/ql/lib/semmle/javascript/frameworks/Express.qll

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1073,22 +1073,22 @@ module Express {
10731073
override predicate definitelyResumesDispatch() { none() }
10741074
}
10751075

1076+
/**
1077+
* The CORS configuration used in Express
1078+
*/
10761079
class CorsConfiguration extends DataFlow::MethodCallNode {
10771080
/** Get an `app.use` with a cors object as argument */
10781081
CorsConfiguration() {
10791082
this = appCreation().getAMethodCall("use") and this.getArgument(0) instanceof Cors::Cors
10801083
}
10811084

1082-
/** Get Cors */
1083-
private Cors::Cors cors() { result = this.getArgument(0).(Cors::Cors) }
1084-
10851085
/** Get Cors configuration */
1086-
DataFlow::Node getCorsArgument() { result = cors().getCorsArgument() }
1086+
DataFlow::Node getCorsArgument() { result = this.getArgument(0).(Cors::Cors).getCorsArgument() }
10871087

10881088
/** Holds if cors is using default configuration */
1089-
predicate isDefault() { cors().isDefault() }
1089+
predicate isDefault() { this.getArgument(0).(Cors::Cors).isDefault() }
10901090

10911091
/** Get Cors origin value */
1092-
DataFlow::Node getOrigin() { result = cors().getOrigin() }
1092+
DataFlow::Node getOrigin() { result = this.getArgument(0).(Cors::Cors).getOrigin() }
10931093
}
10941094
}

0 commit comments

Comments
 (0)